Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 6 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2009-1036
Cross-site request forgery (CSRF) vulnerability in the Plus 1 module prior to 6.x-2.6, a module for Drupal, allows remote malicious users to cast votes for content via unspecified aspects of the URI.
Drupal Plus1 6.x-1.0
Drupal Plus1 6.x-1.1
Drupal Plus1 6.x-2.1
Drupal Plus1 6.x-2.0
Drupal Plus1
Drupal Plus1 6.x-2.2
Drupal Plus1 6.x-1.2
Drupal Plus1 6.x-1.3
Drupal Plus1 6.x-2.3
Drupal Plus1 6.x-2.4
383
VMScore
CVE-2012-1646
Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x prior to 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via the (1) title parameter in faq.admin.inc or (2) detailed_question parameter in fa...
Drupal Faq 6.x-1.0
Drupal Faq 6.x-1.1
Drupal Faq 6.x-1.2
Drupal Faq 6.x-1.9
Drupal Faq 6.x-1.10
Drupal Faq 6.x-1.3
Drupal Faq 6.x-1.4
Drupal Faq 6.x-1.11
Drupal Faq 6.x-1.12
Drupal Faq 6.x-1.5
Drupal Faq 6.x-1.6
Drupal Faq 6.x-1.x
Drupal Faq 6.x-1.7
Drupal Faq 6.x-1.8
Drupal Faq 7x-1.x-rc1
312
VMScore
CVE-2014-8078
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 6.x-1.x prior to 6.x-1.19, 7.x-1.x prior to 7.x-1.3, and 7.x-2.x prior to 7.x-2.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web scri...
Drupal Print 6.x-1.1
Drupal Print 6.x-1.2
Drupal Print 6.x-1.9
Drupal Print 6.x-1.10
Drupal Print 6.x-1.16
Drupal Print 6.x-1.17
Drupal Print 7.x-1.1
Drupal Print 7.x-1.2
Drupal Print 6.x-1.7
Drupal Print 6.x-1.8
Drupal Print 6.x-1.14
Drupal Print 6.x-1.15
Drupal Print 7.x-1.0
Drupal Print 6.x-1.5
Drupal Print 6.x-1.6
Drupal Print 6.x-1.12
Drupal Print 6.x-1.13
Drupal Print 7.x-2.0
Drupal Print 6.x-1.3
Drupal Print 6.x-1.4
Drupal Print 6.x-1.11
Drupal Print 6.x-1.18
383
VMScore
CVE-2015-6665
Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x prior to 7.39 and the Ctools module 6.x-1.x prior to 6.x-1.14 for Drupal allows remote malicious users to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly rela...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Fedoraproject Fedora 23
Drupal Drupal 7.0
Drupal Drupal 7.15
Drupal Drupal 7.11
Drupal Drupal 7.12
Drupal Drupal 7.2
Drupal Drupal 7.20
Drupal Drupal 7.27
Drupal Drupal 7.28
Drupal Drupal 7.36
Drupal Drupal 7.37
Drupal Drupal 7.x-dev
Drupal Drupal 7.16
Drupal Drupal 7.17
Drupal Drupal 7.23
Drupal Drupal 7.24
Drupal Drupal 7.30
Drupal Drupal 7.33
Drupal Drupal 7.6
Drupal Drupal 7.7
231
VMScore
CVE-2010-3022
Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.21 for Drupal allows remote authenticated users, with add url aliases and report access permissions, to inject arbitrary web script or HTML v...
Drupal Devel Module
Drupal Devel Module 6.x-1.19
Drupal Devel Module 6.x-1.11
Drupal Devel Module 6.x-1.10
Drupal Devel Module 6.x-1.3
Drupal Devel Module 6.x-1.1
Drupal Devel Module 6.x-1.13
Drupal Devel Module 6.x-1.12
Drupal Devel Module 6.x-1.5
Drupal Devel Module 6.x-1.4
Drupal Devel Module 5.x-1.1
Drupal Devel Module 5.x-1.0
Drupal Devel Module 6.x-1.18
Drupal Devel Module 6.x-1.17
Drupal Devel Module 6.x-1.16
Drupal Devel Module 6.x-1.9
Drupal Devel Module 6.x-1.8
Drupal Devel Module 6.x-1.0
Drupal Devel Module 6.x-1.2
Drupal Devel Module 6.x-1.15
Drupal Devel Module 6.x-1.14
Drupal Devel Module 6.x-1.7
534
VMScore
CVE-2008-6383
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x prior to 5.x-1.14 and 6.x prior to 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Drupal Storm 5.x-1.13
Drupal Storm 5.x-1.7
Drupal Storm 5.x-1.4
Drupal Storm 6.x-1.16
Drupal Storm 6.x-1.15
Drupal Storm 6.x-1.14
Drupal Storm 6.x-1.7
Drupal Storm 6.x-1.8
Drupal Storm 6.x-1.x-dev
Drupal Storm 5.x-1.12
Drupal Storm 5.x-1.11
Drupal Storm 5.x-1.5
Drupal Storm 5.x-1.3
Drupal Storm 6.x-1.13
Drupal Storm 6.x-1.12
Drupal Storm 6.x-1.4
Drupal Storm 6.x-1.5
Drupal Storm 5.x-1.8
Drupal Storm 5.x-1.6
Drupal Storm 5.x-1.x-dev
Drupal Storm 6.x-1.17
Drupal Storm 6.x-1.9
383
VMScore
CVE-2009-1344
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x prior to 5.x-1.2 and 6.x prior to 6.x-1.7, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via input to the translation functionality.
Drupal Localization Client 6.x-1.5
Drupal Localization Client 6.x-1.xdev
Drupal Localization Client 5.x-1.1
Drupal Localization Client 6.x-1.6
Drupal Localization Client 6.x-1.2
Drupal Localization Client 6.x-1.4
Drupal Localization Client 5.x-1.0
Drupal Localization Client 5.x-1.xdev
Drupal Localization Client 6.x-1.0
Drupal Localization Client 6.x-1.1
Drupal Localization Client 6.x-1.3
312
VMScore
CVE-2009-2076
Cross-site scripting (XSS) vulnerability in Views 6.x prior to 6.x-2.6, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via (1) exposed filters in the Views UI administrative interface and in the (2) view name parameter in the define ...
Drupal Views 6.x-2.0
Drupal Views 6.x-2.1
Drupal Views 6.x-2.2
Drupal Views 6.x-2.3
Drupal Views 6.x-2.4
Drupal Views 6.x-2.5
668
VMScore
CVE-2009-1507
The Node Access User Reference module 5.x prior to 5.x-2.0-beta4 and 6.x prior to 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which might allow remote malicious users to bypass intended access restrictions to re...
Drupal Nodeaccess Userreference 5.x-1.3
Drupal Nodeaccess Userreference 5.x-1.0
Drupal Nodeaccess Userreference 6.x-2.0
Drupal Nodeaccess Userreference 6.x-1.1
Drupal Nodeaccess Userreference 6.x-1.0
Drupal Nodeaccess Userreference 5.x-1.1
Drupal Nodeaccess Userreference 5.x-1.2
Drupal Nodeaccess Userreference 6.x-1.4
Drupal Nodeaccess Userreference 6.x-1.2
Drupal Nodeaccess Userreference 5.x-1.4
Drupal Nodeaccess Userreference 5.x-2.0
Drupal Nodeaccess Userreference 6.x-1.7
Drupal Nodeaccess Userreference 6.x-1.6
Drupal Nodeaccess Userreference 6.x-1.5
383
VMScore
CVE-2014-8296
Cross-site scripting (XSS) vulnerability in the Modal Frame API module 6.x-1.x prior to 6.x-1.9 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Modal Frame 6.x-1.8
Drupal Modal Frame 6.x-1.7
Drupal Modal Frame 6.x-1.0
Drupal Modal Frame 6.x-1.2
Drupal Modal Frame 6.x-1.1
Drupal Modal Frame 6.x-1.4
Drupal Modal Frame 6.x-1.3
Drupal Modal Frame 6.x-1.6
Drupal Modal Frame 6.x-1.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »